BS ISO 37001:2016 - Anti-bribery management systems
Bribery is higher up the business risk agenda than ever before for a number of reasons. These include a changing legal environment wherein most countries now criminalise bribery and many prosecute it; increased awareness of the harm caused to countries, businesses and individuals; greater organizational focus on corporate social responsibility and good governance; and the extreme financial and reputational damage inflicted on organizations found to be involved in bribery.
In response, BS ISO 37001 has been produced to help organizations prevent, detect and tackle bribery and comply with anti-bribery laws and voluntary anti-bribery commitments. It will also help them to promote trust and confidence in their business dealings and enhance their reputations.
Who is the standard for?
The standard has wide applicability. It can be used by organizations of any size in any sector or by sections or entities within an organization which may want to implement an anti-bribery management system.
The primary users will be decision-makers, including company/corporate secretaries, who use standards to ensure compliance to business priorities and regulatory requirements and who have responsibility for the following:
- legal issues
- risk management
- commercial management
- financial management
- human resource management
- internal audit
It will also be used by managers responsible for the general management of an organization or for its specific functions or programmes.
The standard will also be valuable to:
- supplier organizations, e.g. producers, distributors, subcontractors, retailers or vendors of a product, or providers of a service or information
- financing organizations, e.g. organizations providing the financing, guarantees or insurance for businesses, projects or products
- prosecution authorities, e.g. organizations which investigate and prosecute bribery
- regulatory bodies
What does the standard cover?
The standard specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be standalone or can be integrated into an overall management system. The standard deals with the following in relation to the organization's activities:
a) bribery in the public, private and not-for-profit sectors
b) bribery by the organization
c) bribery by the organization's personnel acting on the organization's behalf or for its benefit
d) bribery by the organization's business associates acting on the organization's behalf or for its benefit
e) bribery of the organization
f) bribery of the organization's personnel in relation to the organization’s activities
g) bribery of the organization's business associates in relation to the organization’s activities
h) direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party)
Note: This International Standard is applicable only to bribery. The standard defines bribery as: “the offering, promising, giving, accepting or soliciting of an undue advantage of any value (which could be financial or non-financial), directly or indirectly, and irrespective of location(s), in violation of applicable law, as an inducement or reward for a person acting or refraining from acting in relation to the performance of that person's duties”
How will the standard benefit users?
- It can help an organization prevent bribery occurring.
- It provides a system for organizations to use to avoid funds being misappropriated and projects being undermined and not properly or safely carried out.
- It helps provide assurance that the organization has an anti-bribery policy and measurements in place.
- In the event of a prosecution, an organization can often be assisted in its defence if it can demonstrate to the court that its systems were adequate and that the breach was not a corporate failure e.g. it was the work of a rogue employee.
- It follows Annex SL so will align easily with other management systems such as ISO 9001 (quality), ISO 14001 (environment) and ISO 26000 (sustainability).